Codify

Brand Builder

digital safety concept padlock in electronic environment

Securing the rapidly-expanding universe of connected technology just got a helping hand from a new assurance testing program for Internet of Things (IoT) sensors and devices.

According to a press release, ICSA Labs is launching a new security testing program that will focus on assurance testing for IoT.

The new IoT Security Testing and Certification Program will see ICSA Labs test six key components:  communications, alert/logging, platform security, cryptography, physical security and authentication. Any devices carrying the ICSA Labs IoT certification will be tested over their lifecycle at regularly established intervals in order to ensure the devices remain secure.

“We expect the Internet of Things to be the next digital wave,” said ICSA Labs managing director George Japak. “Given the enormity and complexity of the space, it can be tricky for enterprises to navigate. We know from multiple recent studies that the #1 concern among adopters is security and privacy, and our new IoT Security Testing and Certification Program directly addresses this concern.”

A projected 25.6 billion IoT devices are expected to enter the marketplace in 2019, rising from 9.7 billion in 2014, according to Verizon’s State of the Market: Internet of Things 2016 report. By 2020, market growth is expected to see 30 billion devices online.

IoT security a growing concern

Parallel to this growth, IoT security is becoming a top concern as industry leaders try to ensure the rapidly proliferating devices are not easy prey for hackers. A recent study predicted annualized growth in the IoT security market will reach nearly 55% through 2019.

“Currently very little exists in the form of organized testing and/or standards to ensure IoT devices and the data exchanged is protected,” Japak said. “This program is aimed at filling that gap especially as more companies embrace the Internet of Things to streamline business and provide higher levels of customer service.”

Meanwhile, Underwriters Laboratories (UL) recently launched new standards to test web-connected devices for security vulnerabilities. UL’s move was a response to the Cybersecurity National Action Plan launched by the White House in February, with UL’s IoT standards developed with the help of several government departments.

ICSA Labs is an independent security testing division of Verizon Business covering anti-virus, firewalls, IPsec VPN, cryptography, SSL VPN, network IPS and anti-spyware technology.

The post ICSA Labs jumps into the IoT security testing pool appeared first on ReadWrite.

mobile-phone-bomb

On this Memorial Day, let’s not forget the hackers and tinkerers toiling in the shadows, who help protect those men and women who keep America safe.

As we enter a world of connected everything, U.S. defense research agency DARPA is trying to stay on top of this IoT thing — ensuring that “off-the-shelf” products cannot be used by criminals or terrorists to attack the country.

In order to do this, earlier this year DARPA launched Improv, a new project calling for hackers to create weapons from everyday products. Hackers must use products that use commercial software or open source code and readily available materials, and turn them into a device that might create a national security scare.

See also: Can ISIS hack the Internet of Things? (Uh, no.)

The goal for DARPA is to neutralize any product that could pose a threat before potential adversaries weaponize it.

DARPA isn’t just looking for pipe bombs and makeshift surveillance. It wants hackers to look into emerging technologies like drones, 3D printers, and small IoT sensors. Anything that can be easily purchased and customized to be a threat is applicable.

“DARPA’s in the surprise business and part of our goal is to prevent surprise. This particular space is one that is difficult to analyze and we’re trying a different approach to gathering information that will help us understand it,” says Dr. John Main, head of project Improv. “It really is more about being proactive than reactive.”

He points out that for decades, America’s pretty much complete monopoly on access to the most advanced technologies.

But as more commercially available equipment across all sectors – from agriculture to transportation – began to feature complex and sophisticated components and systems, he says there’s a growing risk that a clever enemy might use these devices to threaten military operations.

DARPA looking for DIY Bournes or McGyvers?

Project Improv charges the brave and curious across many sectors and technologies to look at today’s booming tech bazaar and go full Jason Bourne on that Google Home.

“(We want you) to imagine how easily purchased, relatively benign technologies might be converted or combined into threats to military operations, equipment, or personnel,” says Main. “Candidate ideas will be assessed and varying levels of support will be offered to develop and test selected proposals.”

Or maybe it’s less Bourne than McGyver — the emphasis will be on fast and cheap, with the goal of the best ideas being able to leap from concept to prototype within 100 days.

Hackers will be rewarded for their efforts. DARPA is offering $40,000 in funding to complete a study on threatening technologies, followed by $70,000 to complete a prototype. These will then be moved to military labs for testing and neutralization.

DARPA will decide which products receive funding on a case-by-case basis. Hackers have until the end of the year to submit their projects.

Governments have been slow to understand threats online and some have used the tension between people and technology to impose mass surveillance or ban certain apps and technologies. Thankfully, DARPA has a more reasonable approach to tackling the growing number of tech threats.

The post Will the U.S. military enlist Amazon’s Alexa? appeared first on ReadWrite.